Subscribe

Broken file-list-info permissions for ONTAP-created files

Trying to sort this out still, but it seems that files created by ONTAP get bogus permissions via file-list-info. Note:

<file-info>

        <name>filersid.cfg.bak</name>

        <file-type>file</file-type>

        <creation-timestamp>1325619291</creation-timestamp>

        <modified-timestamp>1325619291</modified-timestamp>

        <changed-timestamp>1325619291</changed-timestamp>

        <accessed-timestamp>1325619291</accessed-timestamp>

        <perm>1044</perm>

        <owner-id>0</owner-id>

        <group-id>0</group-id>

        <file-size>68</file-size>

        <hard-links-count>1</hard-links-count>

        <inode-number>6855717</inode-number>

        <acl-type>no_acl</acl-type>

</file-info>

...versus:

-bash-3.00$ stat filersid.cfg.bak

  File: `filersid.cfg.bak'

  Size: 68              Blocks: 8          IO Block: 32768  regular file

Device: 1bh/27d Inode: 6855717     Links: 1

Access: (0440/-r--r-----)  Uid: (    0/    root)   Gid: (    0/    root)

Access: 2012-01-03 11:34:51.665523000 -0800

Modify: 2012-01-03 11:34:51.674537000 -0800

Change: 2012-01-03 11:34:51.674537000 -0800

-bash-3.00$

It appears the internal permissions are '10440' (the leading 1 being wafl-specific) and then the resultant string is sliced to the first 4 chars (rather than masking it off). For example, chmod'ing a legit sticky bit onto the file (1440) yields:

        <perm>1144</perm>

The behavior follows if a file is copied (either via ZAPI or NFS), but a new file created via NFS shows the correct behavior.

This is in the root volume, with a unix qtree style, so it wouldn't seem to be shenanigans from a mixed security style. Seeing this on both 8.0.1P5 and 7.3.2P4 systems, haven't bothered hunting for other variants.

Re: Broken file-list-info permissions for ONTAP-created files

Hi,

You may want to ask this question in the NetApp Support Community.  The current customers, partners and internal Subject Matter Experts are addressing technical product questions there.

Mike